package com.rc.saas.tenant.shiro;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.LogoutFilter;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

/**
 * 自定义 LogoutFilter
 * Created by Sven on 2021/10/22
 */
public class CustomLogoutFilter extends LogoutFilter {
    private static Logger logger = LogManager.getLogger(CustomLogoutFilter.class);

    /**
     * 自定义登出,登出之后,清理当前用户redis部分缓存信息
     * @param request
     * @param response
     * @return
     * @throws Exception
     */
    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
        logger.warn("logout............");

        //登出操作 清除缓存  subject.logout() 可以自动清理缓存信息, 这些代码是可以省略的  这里只是做个笔记 表示这种方式也可以清除
        Subject subject = getSubject(request, response);
        //DefaultWebSecurityManager securityManager = (DefaultWebSecurityManager) SecurityUtils.getSecurityManager();
        //ShiroRealm shiroRealm = (ShiroRealm) securityManager.getRealms().iterator().next();
        //PrincipalCollection principals = subject.getPrincipals();
        //shiroRealm.clearCache(principals);

        //登出
        subject.logout();

        //获取登出后重定向到的地址
        String redirectUrl = getRedirectUrl(request, response, subject);

        //重定向
        issueRedirect(request, response, redirectUrl);
        return false;
    }

}
